Static task: static1
Behavioral task: behavioral1
Sample: 485e7c16e533fef71dcb1c13c022286a_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 485e7c16e533fef71dcb1c13c022286a_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 485e7c16e533fef71dcb1c13c022286a_JaffaCakes118
Size: 114KB
MD5: 485e7c16e533fef71dcb1c13c022286a
SHA1: 7cee0990d45c0015a3d580cb5f9ff0524f4709e3
SHA256: 92029a1527a6a8cff33eda323802faddf9222bb7c63b6ebf64dd8bca956fc8f8
SHA512: 5bbcf985ed7e1d7834e67f2d7ceabc49deb7568cdb12f2eaf430db5fa94714d2b832fd39d265eebdc719ce0193c1b25acd0d2eedb2e60dce74f99adc2ad97d64
SSDEEP: 3072:kbh8nCtcJbpU4FIaO1dXR/pbOJP7VBV4cyl2WqHCYvZY:rnCOPFIfvRBbU7KatR
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 485e7c16e533fef71dcb1c13c022286a_JaffaCakes118
Files
485e7c16e533fef71dcb1c13c022286a_JaffaCakes118.exe windows:4 windows x86 arch:x86
19c4414f67c529616bcebde551bef5bf
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetWindowsDirectoryA
lstrcmpA
lstrcmpiW
RemoveDirectoryA
RemoveDirectoryW
FindClose
GlobalFindAtomA
DeleteFileA
GetCommandLineA
GetModuleHandleA
CopyFileA
lstrcmpiA
GetSystemTime
lstrlenA
VirtualAlloc
lstrlenW
VirtualFree
QueryPerformanceCounter
gdi32
LineTo
GetStockObject
RectVisible
CreateSolidBrush
DeleteDC
CreatePalette
SetTextColor
SetMapMode
GetObjectA
SetTextAlign
SelectObject
SelectPalette
SetStretchBltMode
CreateFontIndirectA
CreateCompatibleDC
GetTextMetricsA
RestoreDC
GetDeviceCaps
DeleteObject
user32
GetParent
CharNextA
TranslateMessage
GetDesktopWindow
GetSystemMetrics
GetDC
glu32
gluNurbsCallback
Sections
.text Size: 29KB - Virtual size: 29KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 53KB - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 31KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ